Unauthorized Data Modification Vulnerability in Motors Plugin by WordPress
CVE-2024-5545
5.3MEDIUM
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 2 July 2024
What is CVE-2024-5545?
The Motors – Car Dealer, Classifieds & Listing plugin for WordPress has a significant vulnerability that allows unauthorized users to modify data. Due to a missing capability check in the function responsible for editing and deleting user cars, attackers can exploit this flaw in all versions up to and including 1.4.8. This vulnerability enables unauthenticated attackers to unpublish posts and pages at will, thereby potentially disrupting site operations and compromising content integrity.